Microsoft Wants to Pay You $250,000 To Find CPU Vulnerabilities

We all know very well that the Meltdown and Spectre failures have shaken the technology market, affecting almost every processor made in the last two decades. However, now according to the latest reports, the tech giant Microsoft recently announced that it will pay you $250,000 to find CPU vulnerabilities.

The Meltdown and Spectre failures have shaken the technology market, affecting almost every processor made in the last two decades. Large companies shifted to prevent history from repeating itself: the giant chip maker Intel offers up to $250,000 for those who find similar vulnerabilities, and the tech giant Microsoft has now also announced on Thursday (15) will do the same.

The tech giant Microsoft’s rewards program runs until December 31, 2018, and promises to pay up to $250,000 to researchers who find the most serious flaws, that is, entirely new categories of speculative execution attacks. Bug hunters who manage to circumvent Windows or Azure mitigations can pocket up to $200,000.

Speculative execution is a feature present in almost all modern processors. To speed up performance, the chips try to guess which code will be executed next. If the forecast is wrong, the result is discarded; if you are right, there is a time-saving. However, Spectre can induce a processor to perform a “guessing” operation that would not run under normal conditions, leaking information.

The tech giant Microsoft explains that “speculative execution is truly a new class of vulnerabilities, and we believe that research is already being done to explore new methods of attack.” Therefore, the program aims to “promote such research and enable the coordinated dissemination of vulnerabilities related to these problems”.

All details about the rewards program for speculative execution attacks are on the Microsoft website.

Microsoft Wants to Pay You $250,000 To Find CPU Vulnerabilities
Reviewed by Rapheal Chukwumah
on
March 20, 2018
Rating: 5